Http3 with stream proxies?


My issue:

I am trying to configure http3 on my webserver.

How I encountered the problem:

Solutions I’ve tried:

First, my webserver listens on port 443 using the stream module and dispatches based on sni to one of three variants:

  • sites served by nginx locally (all these listen in fact on 127.0.0.1:444, and both ends of the local connection use proxy_protocol), using static information or proxying upstream,
  • connecting to other services in my network by passing the tcp stream without terminating tls.

None of the second flavor supports http3.
Now when I add listen 443 quic; to one of those sites served locally, restart nginx, and test using https://http3checker.com/, it reports success.

Now "Support for QUIC and HTTP/3" says “Along with the quic parameter it is also possible to specify the reuseport parameter to make it work properly with multiple workers.” However, if I add reuseport (i.e. listen 443 quic reuseport;) I get the error message
nginx: [emerg] duplicate listen options for 0.0.0.0:443 in /etc/nginx/nginx.conf:433

I suspect listen 443 quic does not tell nginx to listen on tcp only, correct? But then why does it work without reuseport?

In another iteration I am trying to mirror the sni (though unneeded). In my stream section I use

server {
    listen [::]:443 udp ipv6only=off reuseport;
    proxy_timeout 20s;
    proxy_pass web;
}

where web is 127.0.0.1:444, and I changed the listen above to listen 444 quic reuseport;
https://http3checker.com/ again reports success. But at least the proxy_timeout above feels strange, and I think I am losing the proxy_protocol and thus ip addresses in logs, correct?

Version of NGINX or NGINX adjacent software (e.g. NGINX Gateway Fabric):

nginx 1.29.7

Deployment environment:

ubuntu 24.04.4

Minimal NGINX config to reproduce your issue (preferably running on https://tech-playground.com/playgrounds/nginx for ease of debugging, and if not as a code block): (Tip → Run nginx -T to print your entire NGINX config to your terminal.)

Haven't tried this so far.

NGINX access/error log: (Tip → You can usually find the logs in the /var/log/nginx directory.)


Ideally I don't want to have this proxying step as it is unnecessary and loses the correct IP address. I am dreaming of something like listen 443 quiconly reuseport;

Any thoughts?

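A check related to the "duplicate listen options" error quoted in the post, as an added example that is not part of the original post: the nginx listen documentation states that socket-level parameters such as reuseport may be specified only once for a given address:port pair, so this Python function scans config text (for instance nginx -T output) for listeners where they are set more than once. The sample config and its server names are constructed; parsing one directive per line and keying listeners by tcp/udp plus address are simplifying assumptions.

```python
import re
from collections import defaultdict

# Socket-level listen parameters: nginx allows them once per address:port pair.
SOCKET_OPTS = {"setfib", "fastopen", "backlog", "rcvbuf", "sndbuf",
               "accept_filter", "deferred", "ipv6only", "reuseport",
               "so_keepalive"}

def normalize(addr):
    """Give a bare port the wildcard address nginx prints in its error."""
    return "0.0.0.0:" + addr if addr.isdigit() else addr

def find_duplicate_listen_options(conf_text):
    """Return {(transport, address): [line numbers]} for each listener whose
    socket-level options are set by more than one listen directive."""
    seen = defaultdict(list)
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        line = line.split("#", 1)[0]          # drop comments (simplified)
        for m in re.finditer(r"(?:^|[\s;{])listen\s+([^;]+);", line):
            addr, *params = m.group(1).split()
            names = {p.split("=", 1)[0] for p in params}
            # quic (http) and udp (stream) listeners are UDP sockets
            transport = "udp" if names & {"quic", "udp"} else "tcp"
            if names & SOCKET_OPTS:
                seen[(transport, normalize(addr))].append(lineno)
    return {k: v for k, v in seen.items() if len(v) > 1}

# Constructed sample: three local sites behind 127.0.0.1:444, all adding QUIC.
SAMPLE = """\
http {
    server {
        listen 127.0.0.1:444 ssl proxy_protocol;
        listen 443 quic reuseport;
        server_name a.example;
    }
    server {
        listen 127.0.0.1:444 ssl proxy_protocol;
        listen 443 quic reuseport;   # socket option given a second time
        server_name b.example;
    }
    server {
        listen 127.0.0.1:444 ssl proxy_protocol;
        listen 443 quic;             # sharing the listener without options
        server_name c.example;
    }
}
"""

if __name__ == "__main__":
    for (proto, addr), lines in find_duplicate_listen_options(SAMPLE).items():
        print(f"{proto} {addr}: socket options repeated on lines {lines}")
```

The function does not distinguish http from stream contexts and does not treat [::]:443 with ipv6only=off as overlapping 0.0.0.0:443, so it reports only literal repeats.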